IP Banning and Range


steveangelis

I am trying to write a simple script to ban an IP range and I am having a hell of a hard time getting it to work.

 

Here is my code:

 

$qban2 = mysql_query("select * from bans2");
while ($gban2 = mysql_fetch_array($qban2))
{
    $ban_range_low=$gban2['ip_addy1'];
    $ban_range_up=$gban2['ip_addy2'];
    if (ip2long($ban_range_low) >= ip2long('HTTP_X_FORWARDED_FOR') && ip2long($ban_range_up) <= ip2long('HTTP_X_FORWARDED_FOR'))
    {
        echo "You have been banned from this web site.";
        exit();
    }
    else
    {
        if (ip2long($ban_range_low) >= ip2long('REMOTE_ADDR') && ip2long($ban_range_up) <= ip2long('REMOTE_ADDR'))
        {
            echo "You have been banned from this web site.";
            exit();
        }
    }
}

 

In short, when I run the code with IPs in the database nothing happens.  I tried entering the IPs in manually instead of using database variables and it did not work, so I know it is the code itself.  This script is two tier.  The first part bans if there is a proxy and the second part bans if there is no proxy.  ip_addy1 is the low variable and ip_addy2 is the high variable.  Does anyone see where I am going wrong?

Link to comment
Share on other sites

Firstly I would use a function as below to determine the client's ip (this way you only need one table field for the ip):

function getRealIpAddr()
{
    if (!empty($_SERVER['HTTP_CLIENT_IP']))   // check for an IP from a shared internet connection
    {
      $ip=$_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))   // check whether the IP was passed on by a proxy
    {
      $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else   // otherwise use the address of the connecting peer
    {
      $ip=$_SERVER['REMOTE_ADDR'];
    }
    return $ip;
}

 

I did something similar but if the user came from a proxy, stored the "REMOTE_ADDR - HTTP_X_FORWARDED_FOR" as identifier for the client rather than REMOTE_ADDR and HTTP_X_FORWARDED_FOR in separate fields.

 

FYI - it would be difficult to ban an IP if the client is coming from an anonymous network (i.e. Tor) except if you block IP ranges from anonymous networks.

 

update - I don't take credit for the code - taken from http://roshanbh.com.np/2007/12/getting-real-ip-address-in-php.html

Link to comment
Share on other sites

$qban1 = mysql_query("select * from bans");
while ($gban1 = mysql_fetch_array($qban1))
{
    if (ip2long('HTTP_X_FORWARDED_FOR') == $gban1['ip_addy'])
    {
        echo "You have been banned from this web site.";
        exit();
    }
    else
    {
        if (ip2long('REMOTE_ADDR') == $gban1['ip_addy'])
        {
            echo "You have been banned from this web site.";
            exit();
        }
    }
}

 

That is the code I use to ban a single IP and it works perfectly fine.  I tested it out and I noticed no errors at all so I know the variables like "ip2long('REMOTE_ADDR')" are not the problem and it calls up the correct variables.  Please note the above code is from a similar ban I made except that it is for a single IP instead of a range and the one directly above works.  The one I need help with is in the original post.

Link to comment
Share on other sites

That is the code I use to ban a single IP and it works perfectly fine.  I tested it out and I noticed no errors at all so I know the variables like "ip2long('REMOTE_ADDR')" are not the problem and it calls up the correct variables.  Please note the above code is from a similar ban I made except that it is for a single IP instead of a range and the one directly above works.  The one I need help with is in the original post.

 

Hm! Try running this code

echo ip2long('REMOTE_ADDR');

 

And it fails!

 

If you truly expect to convert a string into an IP, you're making no sense and may as well not even attempt to.

echo ip2long($_SERVER['REMOTE_ADDR']);

 

And oh look, it works

Link to comment
Share on other sites

I tested it out and I noticed no errors at all

 

You greatly need to re-evaluate how a programming language functions. I'd recommend turning error reporting on, in the first place.

 

So "CRITICAL ERROR"s mean it's correct?

Link to comment
Share on other sites
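
A range-ban check along the lines the thread is working toward, as an added example that is not code from any poster here: it reads the address from `$_SERVER`-style input, tests low <= ip <= high, and honours `X-Forwarded-For` only when the direct peer is a proxy the site operates, since that header is client-supplied. The `TRUSTED_PROXIES` list, the function names and the sample rows are assumptions made for illustration; the column names `ip_addy1` and `ip_addy2` are from the original post.

```php
<?php
// Assumptions (not from the thread): TRUSTED_PROXIES, the function names, the
// sample rows, and a 64-bit PHP build so ip2long() values are non-negative.
const TRUSTED_PROXIES = ['10.0.0.5']; // hypothetical reverse proxy we operate

// Choose the address to test. X-Forwarded-For is set by the client unless our
// own proxy wrote it, so it is used only when the peer is that proxy.
function clientIp(array $server): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    if (in_array($peer, TRUSTED_PROXIES, true) && !empty($server['HTTP_X_FORWARDED_FOR'])) {
        // Assumes the proxy appends the peer it saw: take the right-most entry.
        $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR']));
        $last = end($hops);
        if (filter_var($last, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
            return $last;
        }
    }
    return $peer;
}

// True when $ip lies inside [$low, $high]; unparsable input never matches.
function inRange(string $ip, string $low, string $high): bool
{
    [$n, $lo, $hi] = [ip2long($ip), ip2long($low), ip2long($high)];
    if ($n === false || $lo === false || $hi === false) {
        return false;
    }
    return $lo <= $n && $n <= $hi;
}

function isBanned(array $server, array $ranges): bool
{
    $ip = clientIp($server);
    foreach ($ranges as $r) {
        if (inRange($ip, $r['ip_addy1'], $r['ip_addy2'])) {
            return true;
        }
    }
    return false;
}

// Constructed rows standing in for the bans2 table, and constructed requests.
$ranges = [['ip_addy1' => '203.0.113.0', 'ip_addy2' => '203.0.113.255']];
var_dump(isBanned(['REMOTE_ADDR' => '203.0.113.77'], $ranges));
var_dump(isBanned(['REMOTE_ADDR' => '203.0.113.77', 'HTTP_X_FORWARDED_FOR' => '192.0.2.1'], $ranges));
var_dump(isBanned(['REMOTE_ADDR' => '10.0.0.5', 'HTTP_X_FORWARDED_FOR' => '203.0.113.77'], $ranges));
```

In real use the rows would come from the `bans2` query and `$_SERVER` would be passed in place of the constructed request arrays.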
